Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
592
Views
0
Helpful
1
Replies

Intercluster trunk(non-gatekeeper) through Cisco ASA and Checkpoint

ankit.joshi
Level 1
Level 1

‎02-13-2012 04:13 PM - edited ‎03-16-2019 09:34 AM

Hi guys,

We are trying to set up intercluster trunk between our two sites, one site is using Cisco ASA and other site is using Checkpoint as a firewall.

On both the firewalls we have allowed TCP/1720. We are not able to get trunk registered through this setup. On Cisco ASA we have configured inspect h323 ras and inspect h323 h225. No NAT is being used

When we try to make a call from the call manager which is behind Cisco ASA, we see SYN timeout after ASA trying to build TCP connection on port 1720 after about 30 seconds. ICMP works fine as both call manager can ping each other.

Has anyone done ICT set up through firewalls and any other configuration that we have missed on firewall?

Thanks

Labels:
0 Helpful
1 Reply 1

Gajanan Pande
Cisco Employee
Cisco Employee

‎02-14-2012 01:58 AM

You should be fine if you open ports as mentioned in the document below. Did you ?

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/port/8_0_1/portlist801.html

GP

0 Helpful
Customers Also Viewed These Support Documents